Benchmark

Open-source firewall and WAF benchmark

A vendor-neutral comparison of open-source firewall and web application firewall software for teams building perimeter and application defence on the network security controls NIS2 and ISO 27001 expect.

What we compare

Open-source firewall software, side by side

Comparison subjects

The benchmark evaluates leading open-source firewall platforms and their WAF counterparts, including the pfSense vs OpnSense comparison teams most often research, plus ModSecurity-based web application firewall rule sets. Product names appear only as comparison subjects.

Network firewalling

Stateful filtering, routing, VPN and segmentation โ€” the core of any best open source firewall shortlist.

Web application firewall

Open source WAF rule sets, virtual patching and how each handles common application attacks.

Management and cost

Usability, updates and the true cost of free firewall software over its lifecycle.

Why a firewall and WAF matter for compliance

Network security measures

NIS2 lists network security and access control among its baseline risk-management measures.

Application protection

A WAF is a practical control for protecting the web-facing services in scope for the regulation.

Related reading

Pair this with the regulation

Read the critical infrastructure protection and Cyber Resilience Act pillar guides for context.

Critical infrastructure protection

The perimeter is where infrastructure defence starts.

Cyber Resilience Act

Product security obligations for connected devices.

Build your perimeter on tooling you can trust.

Request the full comparison report and subscribe for updates.